From mboxrd@z Thu Jan  1 00:00:00 1970
From: Tony Earnshaw <tonye@billy.demon.nl>
Subject: Re: vpn under linux
Date: Sat, 10 Apr 2004 19:23:43 +0200
Sender: netfilter-admin@lists.netfilter.org
Message-ID: <1081617821.18498.58.camel@localhost>
References: <4077B7EF.5070805@tin.it>  <1081600210.491.12.camel@localhost>
Mime-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Return-path: <netfilter-admin@lists.netfilter.org>
In-Reply-To: <1081600210.491.12.camel@localhost>
Errors-To: netfilter-admin@lists.netfilter.org
List-Help: <mailto:netfilter-request@lists.netfilter.org?subject=help>
List-Post: <mailto:netfilter@lists.netfilter.org>
List-Subscribe: <https://lists.netfilter.org/mailman/listinfo/netfilter>,
	<mailto:netfilter-request@lists.netfilter.org?subject=subscribe>
List-Id: <netfilter.vger.kernel.org>
List-Unsubscribe: <https://lists.netfilter.org/mailman/listinfo/netfilter>,
	<mailto:netfilter-request@lists.netfilter.org?subject=unsubscribe>
List-Archive: <https://lists.netfilter.org/pipermail/netfilter/>
Content-Type: text/plain; charset="iso-8859-1"
To: Netfilter <netfilter@lists.netfilter.org>

l=F8r, 10.04.2004 kl. 14.30 skrev John A. Sullivan III:
[...]

> The closest solution we could find to rival the commercial offerings on
> such a large scale is netfilter + freeS/WAN + iproute2 + ISC DHCP +
> StrongSec DHCP Relay + OpenCA.  There are reasonable alternatives to
> OpenCA.
>=20
> The FreeS/WAN code is alive and healthy.  Two major cooperative forks
> are available.  One is at www.openswan.org and the other is at
> www.strongswan.org.  Both are well supported and helpful.
>
> There a fairly complete although slightly dated slide shows on tying al=
l
> these technologies together (other than OpenCA) in the training section
> of http://iscs.sourceforge.net.
>=20
> The only major missing piece right now to make this combination a
> full-fledged competitor to the largest and most expensive commercial
> players is a sophisticated management front end such as those offered b=
y
> Solsoft, SmartPipes, NetScreen, Checkpoint, etc.  That is the hole I am
> trying to fill with the ISCS project.  It is the last piece that we nee=
d
> before we can do with open source tools what we have previously only
> been able to do with commercial tools to achieve the scale and
> complexity we need. If anyone wants to help, it is a huge project and I
> can use all the help I can get!

This was an enormously valuable precis and greatly appreciated. I wish I
could help, but don't have access to a lab. If there's anything a single
user set-up can do, let me know *at my sig below*.

--Tonni

--=20
Kattekots op de vloer
na de moe=EB thuiskomst
weinig walg
getrouw als kind
de kat heet welkom.

mail: billy - at - billy.demon.nl
http://www.billy.demon.nl